7 matches found
What Are Red Team Exercises and Why Are They Important?
Pick a side. It’s game time, and nothing is off the table. -- For most organizations, a true defense-in-depth strategy includes the proactive testing of company cyber defenses. A Red Team Exercise is designed to reveal vulnerabilities in a companys security through hands-on testing, uncovering...
Rockwell Automation Micro800 and MicroLogix 1400
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: Micro800, MicroLogix 1400 Vulnerability: Channel Accessible by Non-endpoint 2. RISK EVALUATION Successful exploitation of this vulnerability may result in denial-of-service conditions, which...
NSA Releases Guidance on Mitigating Cloud Vulnerabilities
The National Security Agency NSA has released an information sheet with guidance on mitigating cloud vulnerabilities. NSA identifies cloud security components and discusses threat actors, cloud vulnerabilities, and potential mitigation measures. The Cybersecurity and Infrastructure Security Agenc...
GE Mark VIe Controller
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: GE Equipment: Mark VIe Controller Vulnerabilities: Improper Authorization, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create...
Casino Goes All In and Wins Big with Imperva Security
There’s no good time to be hit by ransom-seeking DDoS attackers. For one casino-entertainment provider, the timing was particularly bad — right before one of its largest online poker events in 2016. The casino, which generates multiple billions in revenue per year, leveraged Imperva’s emergency...
Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform
Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...
Introducing Enhanced Mitigation Experience Toolkit (EMET) 4.1
In June 2013, we released EMET 4.0 and customer response has been fantastic. Many customers across the world now include EMET as part of their defense-in-depth strategy and appreciate how EMET helps businesses prevent attackers from gaining access to computers systems. Today, we’re releasing a ne...